7 matches found
CVE-2025-61588 risc0 vulnerable to arbitrary code execution in guest via memory safety failure in `sys_read`
RISC Zero is a zero-knowledge verifiable general computing platform based on zk-STARKs and the RISC-V microarchitecture. In versions 2.0.2 and below of risc0-zkvm-platform, when the zkVM guest calls sysread, the host is able to use a crafted response to write to an arbitrary memory location in th...
CVE-2025-61588
CVE-2025-61588 affects risc0-zkvm-platform (<= 2.0.2), risc0-aggregation (<0.9), risc0-zkos-v1compat (
CVE-2025-61588 risc0 vulnerable to arbitrary code execution in guest via memory safety failure in `sys_read`
RISC Zero is a zero-knowledge verifiable general computing platform based on zk-STARKs and the RISC-V microarchitecture. In versions 2.0.2 and below of risc0-zkvm-platform, when the zkVM guest calls sysread, the host is able to use a crafted response to write to an arbitrary memory location in th...
GHSA-JQQ4-C7WQ-36H7 risc0 vulnerable to arbitrary code execution in guest via memory safety failure in `sys_read`
Arbitrary code execution in guest via memory safety failure in sysread In affected versions of risc0-zkvm-platform, when the zkVM guest calls sysread, the host is able to use a crafted response to write to an arbitrary memory location in the guest. This capability can be leveraged to execute...
risc0 vulnerable to arbitrary code execution in guest via memory safety failure in `sys_read`
Arbitrary code execution in guest via memory safety failure in sysread In affected versions of risc0-zkvm-platform, when the zkVM guest calls sysread, the host is able to use a crafted response to write to an arbitrary memory location in the guest. This capability can be leveraged to execute...
PT-2025-40308
Name of the Vulnerable Software and Affected Versions risc0-zkvm-platform versions 2.0.2 and below risc0-aggregation versions below 0.9 risc0-zkos-v1compat versions below 2.1.0 risc0-zkvm versions 3.0.0-rc.1 through 3.0.1 Description The software contains a flaw related to memory safety in the sy...
PT-2025-26449 Β· Risc Zero Β· Risc0-Zkvm
Name of the Vulnerable Software and Affected Versions: risc0-zkvm versions 2.0.0 through 2.0.2 Description: The issue is due to a missing constraint in the rv32im circuit, allowing a malicious prover to attack any 3-register RISC-V instruction, including remu and divu, by confusing the RISC-V...